Blockchain-Based Secure Storage and Access Scheme For Electronic Medical Records in IPFS

Sun, Jin; Yao, Xiaomin; Wang, Shangping; Wu, Ying

doi:10.1109/access.2020.2982964

Cited by 189 publications

(111 citation statements)

References 26 publications

Supporting

Mentioning

108

Contrasting

Unclassified

Order By: Relevance

“…But it does not use Smart Contracts, and it is obvious that the scheme is unable to achieve more complex requirements. Sun et al constructed a model of secure storage and effective sharing for electronic medical data based on ABE and blockchain [27], which provides better access control. Doctors use ABE to encrypt patients' medical data and store it on IPFS.…”

Section: Related Workmentioning

confidence: 99%

BSSPD: A Blockchain‐Based Security Sharing Scheme for Personal Data with Fine‐Grained Access Control

Gao

et al. 2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Privacy protection and open sharing are the core of data governance in the AI-driven era. A common data-sharing management platform is indispensable in the existing data-sharing solutions, and users upload their data to the cloud server for storage and dissemination. However, from the moment users upload the data to the server, they will lose absolute ownership of their data, and security and privacy will become a critical issue. Although data encryption and access control are considered up-and-coming technologies in protecting personal data security on the cloud server, they alleviate this problem to a certain extent. However, it still depends too much on a third-party organization’s credibility, the Cloud Service Provider (CSP). In this paper, we combined blockchain, ciphertext-policy attribute-based encryption (CP-ABE), and InterPlanetary File System (IPFS) to address this problem to propose a blockchain-based security sharing scheme for personal data named BSSPD. In this user-centric scheme, the data owner encrypts the sharing data and stores it on IPFS, which maximizes the scheme’s decentralization. The address and the decryption key of the shared data will be encrypted with CP-ABE according to the specific access policy, and the data owner uses blockchain to publish his data-related information and distribute keys for data users. Only the data user whose attributes meet the access policy can download and decrypt the data. The data owner has fine-grained access control over his data, and BSSPD supports an attribute-level revocation of a specific data user without affecting others. To further protect the data user’s privacy, the ciphertext keyword search is used when retrieving data. We analyzed the security of the BBSPD and simulated our scheme on the EOS blockchain, which proved that our scheme is feasible. Meanwhile, we provided a thorough analysis of the storage and computing overhead, which proved that BSSPD has a good performance.

show abstract

Section: Related Workmentioning

confidence: 99%

BSSPD: A Blockchain‐Based Security Sharing Scheme for Personal Data with Fine‐Grained Access Control

Gao

et al. 2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

“…This leads to a relatively stable legal state by essentially eliminating most of the legal, and censorship issues. For the rest of the issues, for example the right to forget, we ought to follow recent and on-going developments [ 53 , 54 ], which are in fact orthogonal to our study.…”

Section: Methodsmentioning

confidence: 99%

Towards an open and decentralized case law curation ecosystem

Panagou

Vavalis

2020

PLoS ONE

View full text Add to dashboard Cite

Case law is the term that refers to reports of past court decisions. It is considered an essential source of law, vital for legal professionals. Existing case law services are currently centralized, with an entity having complete control over the data and often charging fees for its access and other adding value services. This paper attempts to leverage the potential of blockchain technology in order to develop a public and decentralized platform that allows the submission of court decisions in a decentralized database and employs a network of curators who offer their validation, classification, and evaluation. Specifically, we design, analyze and implement AnyCase, a proof-of-concept prototype system on the Ethereum platform. We focus on the establishment of a sybil-resistant voting protocol used for reaching agreement and the development of a tokenized economy that incentivizes participation. Our preliminary analysis indicates that, besides being decentralized, AnyCase has the potential to compete with existing centralized systems in several other aspects.

show abstract

“…Moreover, the proposed SC-ABSE scheme supports secure multikeyword searchable mechanisms without compromising security resistance to chosen-keyword attack (CKA) and keyword secrecy (KS) in the standard model under the DBDH hardness assumption. By contrast, other schemes, [ 55 , 56 , 57 , 58 , 59 ] are analysed in the random oracle model, which is much weaker than the standard model. Such weakness is mainly due to the existence of a trusted PKG, which causes the key escrow problem by compromising the privacy of the user and leads to learning the data user’s search information by testing all token generation and ciphertexts of keywords one by one.…”

Section: Related Workmentioning

confidence: 99%

“…Such weakness is mainly due to the existence of a trusted PKG, which causes the key escrow problem by compromising the privacy of the user and leads to learning the data user’s search information by testing all token generation and ciphertexts of keywords one by one. However, the CP-ABSE schemes proposed in [ 55 , 56 , 57 , 58 , 59 ] have a high computational complexity that burdens user experience in key generation, token generation, retrieval, and outsourcing of data over cloud storage environments by performing additional computational tasks. This high computational complexity can be a bottleneck for the users to upload and share medical data over an IPFS storage in a blockchain environment.…”

Section: Related Workmentioning

confidence: 99%

Blockchain-Based Access Control Scheme for Secure Shared Personal Health Records over Decentralised Storage

Hussien

Yasin

Udzir

et al. 2021

Sensors

View full text Add to dashboard Cite

Blockchain technology provides a tremendous opportunity to transform current personal health record (PHR) systems into a decentralised network infrastructure. However, such technology possesses some drawbacks, such as issues in privacy and storage capacity. Given its transparency and decentralised features, medical data are visible to everyone on the network and are inappropriate for certain medical applications. By contrast, storing vast medical data, such as patient medical history, laboratory tests, X-rays, and MRIs, significantly affect the repository storage of blockchain. This study bridges the gap between PHRs and blockchain technology by offloading the vast medical data into the InterPlanetary File System (IPFS) storage and establishing an enforced cryptographic authorisation and access control scheme for outsourced encrypted medical data. The access control scheme is constructed on the basis of the new lightweight cryptographic concept named smart contract-based attribute-based searchable encryption (SC-ABSE). This newly cryptographic primitive is developed by extending ciphertext-policy attribute-based encryption (CP-ABE) and searchable symmetric encryption (SSE) and by leveraging the technology of smart contracts to achieve the following: (1) efficient and secure fine-grained access control of outsourced encrypted data, (2) confidentiality of data by eliminating trusted private key generators, and (3) multikeyword searchable mechanism. Based on decisional bilinear Diffie–Hellman hardness assumptions (DBDH) and discrete logarithm (DL) problems, the rigorous security indistinguishability analysis indicates that SC-ABSE is secure against the chosen-keyword attack (CKA) and keyword secrecy (KS) in the standard model. In addition, user collusion attacks are prevented, and the tamper-proof resistance of data is ensured. Furthermore, security validation is verified by simulating a formal verification scenario using Automated Validation of Internet Security Protocols and Applications (AVISPA), thereby unveiling that SC-ABSE is resistant to man-in-the-middle (MIM) and replay attacks. The experimental analysis utilised real-world datasets to demonstrate the efficiency and utility of SC-ABSE in terms of computation overhead, storage cost and communication overhead. The proposed scheme is also designed and developed to evaluate throughput and latency transactions using a standard benchmark tool known as Caliper. Lastly, simulation results show that SC-ABSE has high throughput and low latency, with an ultimate increase in network life compared with traditional healthcare systems.

show abstract

Blockchain-Based Secure Storage and Access Scheme For Electronic Medical Records in IPFS

Cited by 189 publications

References 26 publications

BSSPD: A Blockchain‐Based Security Sharing Scheme for Personal Data with Fine‐Grained Access Control

BSSPD: A Blockchain‐Based Security Sharing Scheme for Personal Data with Fine‐Grained Access Control

Towards an open and decentralized case law curation ecosystem

Blockchain-Based Access Control Scheme for Secure Shared Personal Health Records over Decentralised Storage

Contact Info

Product

Resources

About